Mercurial > pidgin.yaz
comparison src/protocols/oscar/family_icbm.c @ 13653:ad83024934ed
[gaim-migrate @ 16055]
Fix Coverity CID 86: Malformed incoming IMs could cause a double-free.
I don't think this will ever happen because the oscar servers filter
malformed SNACs.
committer: Tailor Script <tailor@pidgin.im>
| author | Mark Doliner <mark@kingant.net> |
|---|---|
| date | Tue, 18 Apr 2006 04:25:54 +0000 |
| parents | 5796551db930 |
| children | b198d0c26b83 |
comparison
equal
deleted
inserted
replaced
| 13652:a07dcc2c01bd | 13653:ad83024934ed |
|---|---|
| 1677 | 1677 |
| 1678 args.icbmflags |= AIM_IMFLAGS_TYPINGNOT; | 1678 args.icbmflags |= AIM_IMFLAGS_TYPINGNOT; |
| 1679 | 1679 |
| 1680 } else if (type == 0x0017) { | 1680 } else if (type == 0x0017) { |
| 1681 | 1681 |
| 1682 free(args.extdata); | 1682 if (length > byte_stream_empty(bs)) |
| 1683 args.extdatalen = length; | |
| 1684 if (args.extdatalen > byte_stream_empty(bs)) | |
| 1685 { | 1683 { |
| 1686 gaim_debug_misc("oscar", "Received an IM containing an invalid message part from %s. They are probably trying to do something malicious.\n", userinfo->sn); | 1684 gaim_debug_misc("oscar", "Received an IM containing an invalid message part from %s. They are probably trying to do something malicious.\n", userinfo->sn); |
| 1687 break; | 1685 break; |
| 1688 } | 1686 } |
| 1687 free(args.extdata); | |
| 1688 args.extdatalen = length; | |
| 1689 if (args.extdatalen == 0) | 1689 if (args.extdatalen == 0) |
| 1690 args.extdata = NULL; | 1690 args.extdata = NULL; |
| 1691 else | 1691 else |
| 1692 args.extdata = byte_stream_getraw(bs, args.extdatalen); | 1692 args.extdata = byte_stream_getraw(bs, args.extdatalen); |
| 1693 | 1693 |